OneLogin SAML SSO Integration Setup
To add Trend Micro Cloud One™ – Conformity as a custom SAML 2.0 app in OneLogin:
1. Sign in to OneLogin as an Admin.
2. Go to Applications > Applications.
3. Click the Add App button from the top-right corner.
4. From Find Applications, search for and select SAML Test Connector (Advanced).
5. Update Display Name to Cloud Conformity, upload the attached icons, and Save.
6. In the Configuration tab, enter the following:
SAML encryption public key: This field appears once you set Encrypt assertion to ‘yes’. Paste the contents of cloud-conformity-sso-x509.pem.
7. In the Parameters tab, add:
Note: You do not need to map the email.
8. Ensure that OneLogin is configured to send the role claim to Conformity:
Note: We recommend creating a User Role for at least Admin users so we can automatically assign users to their correct role on the Conformity side.
Supported roles are:
If you set up User Roles, we need to know the role names to complete the mapping; otherwise, all users will default to Admin.
9. In the SSO tab, set the SAML Signature Algorithm to SHA-512.
10. Click the Save button from the top right of the page to save the app configuration.
11. From the More Actions drop-down, download the SAML metadata XML file. You will need it in the next steps.
12. Follow the instructions from Step 2 onwards to Configure SSO settings in Conformity.
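
To confirm that the assertion encryption from step 6 and the SHA-512 signature setting from step 9 took effect, the following added example (not part of the original page, and not Trend Micro or OneLogin tooling) inspects a base64-decoded SAML Response captured from a test login. It assumes the SHA-512 option corresponds to the XML-DSig `rsa-sha512` SignatureMethod URI; `check_response`, `sample` and the sample documents are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
# Assumption: the SHA-512 setting yields this SignatureMethod URI.
RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"

def check_response(xml_text):
    """Return a list of findings for a decoded SAML Response (empty list = OK).

    Only the declared algorithms and structure are inspected; the signature
    itself is not cryptographically verified here.
    """
    # Refuse documents carrying a DTD before handing them to the XML parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD or entity declaration present; refusing to parse"]
    root = ET.fromstring(xml_text)
    findings = []
    # With "Encrypt assertion" enabled only EncryptedAssertion should appear.
    if root.findall(".//saml:Assertion", NS):
        findings.append("plaintext Assertion present; encryption not in effect")
    if not root.findall(".//saml:EncryptedAssertion", NS):
        findings.append("no EncryptedAssertion element found")
    # An assertion-level signature sits inside the ciphertext, so only a
    # Response-level signature is visible without the private key.
    path = ".//ds:Signature/ds:SignedInfo/ds:SignatureMethod"
    methods = [m.get("Algorithm") for m in root.findall(path, NS)]
    if not methods:
        findings.append("no visible signature; it may be inside the encrypted assertion")
    for alg in methods:
        if alg != RSA_SHA512:
            findings.append(f"signature algorithm is {alg}, expected {RSA_SHA512}")
    return findings

def sample(sig_alg, body):  # constructed input, not a real OneLogin response
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        'xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
        f'<ds:Signature><ds:SignedInfo><ds:SignatureMethod Algorithm="{sig_alg}"/>'
        f'</ds:SignedInfo></ds:Signature>{body}</samlp:Response>'
    )

GOOD = sample(RSA_SHA512, "<saml:EncryptedAssertion/>")
WEAK = sample("http://www.w3.org/2000/09/xmldsig#rsa-sha1", "<saml:Assertion/>")
if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(name, check_response(doc) or "OK")
```

A "no visible signature" finding is expected when the connector signs only the assertion, because that signature can be checked only after decryption on the service provider side.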